t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: allow MANAGE_COMMUNITIES user permission to bypass read access

Browse source
This commit is contained in:
trisua 2025-04-13 01:37:39 -04:00
parent 85bf844e2d
commit 5d53ceb09c
1 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
crates/app/src/routes/pages/communities.rs
View file

@ -19,8 +19,16 @@ macro_rules! check_permissions {
($community:ident, $jar:ident, $data:ident, $user:ident) => {{ ($community:ident, $jar:ident, $data:ident, $user:ident) => {{
let mut is_member: bool = false; let mut is_member: bool = false;
let mut can_manage_pins: bool = false; let mut can_manage_pins: bool = false;
let mut can_manage_communities: bool = false;
if let Some(ref ua) = $user { if let Some(ref ua) = $user {
if ua
.permissions
.check(tetratto_core::model::permissions::FinePermission::MANAGE_COMMUNITIES)
{
can_manage_communities = true;
}
if let Ok(membership) = $data if let Ok(membership) = $data
.0 .0
.get_membership_by_owner_community(ua.id, $community.id) .get_membership_by_owner_community(ua.id, $community.id)
@ -44,11 +52,15 @@ macro_rules! check_permissions {
match $community.read_access { match $community.read_access {
CommunityReadAccess::Joined => { CommunityReadAccess::Joined => {
if !can_manage_communities {
if !is_member { if !is_member {
(false, can_manage_pins) (false, can_manage_pins)
} else { } else {
(true, can_manage_pins) (true, can_manage_pins)
} }
} else {
(true, true)
}
} }
_ => (true, can_manage_pins), _ => (true, can_manage_pins),
} }